BugTraq Mode:
(Page 6 of 1713)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >
CVE-2017-6430: Out-of-Bounds Read (DOS) Vulnerability in Ettercap Etterfilter utility 2017-03-06
ddos2me gmail com
Document Title:
===============
CVE-2017-6430: Out-of-Bounds Read (DOS) Vulnerability in Ettercap Etterfilter utility

Vendor:
=======
Ettercap (http://ettercap.github.io/ettercap/)

Product and Versions Affected:
==============================
Etterfilter 0.8.2 and possibly prior.

Vulnerability Ty

[ more ]  [ reply ]
OpenElec: Remote Code Execution Vulnerability through Man-In-The-Middle(CVE-2017-6445) 2017-03-06
Wolfgang (lister feedyourhead at)
During my research about update mechanisms of open-source software I
discovered vulnerabilities in OpenElec.

== [ OVERVIEW ] ==

System affected: OpenElec
CVE: CVE-2017-6445
Vulnerable component: auto-update feature
Software-Version: 6.0.3, 7.0.1
User-Interaction: Reboot require

[ more ]  [ reply ]
CVE-2017-6429: Buffer overflow vulnerability in Tcpreplay tcpcapinfo utility 2017-03-06
ddos2me gmail com
Document Title:
===============
CVE-2017-6429: Buffer overflow vulnerability in Tcpreplay tcpcapinfo utility

Vendor:
=======
Appneta (https://www.appneta.com/)

Product and Versions Affected:
==============================
Tcpreplay 4.1.2 and possibly prior.

Fixed Version:
==============
4.2.0 Bet

[ more ]  [ reply ]
EasyCom SQL iPlug Denial Of Service 2017-03-04
apparitionsec gmail com (hyp3rlinx)
[+] Credits: John Page AKA Hyp3rlinX
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/EASYCOM-SQL-IPLUG-DENIAL-OF-S
ERVICE.txt
[+] ISR: ApparitionSec

Vendor:
================
easycom-aura.com

Product:
===========
SQL iPlug
EasycomPHP_4.0029.iC8im2.ex

[ more ]  [ reply ]
[SECURITY] [DSA 3801-1] ruby-zip security update 2017-03-04
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3801-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 04, 2017

[ more ]  [ reply ]
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0 2017-03-02
Larry W. Cashdollar (larry0 me com)
Title: Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0
Vulnerability Date: 2017-02-27
Download: https://wordpress.org/plugins/zen-mobile-app-native/
Vendor: https://profiles.wordpress.org/zendkmobileapp/
Notified: 2017-02-27
Vendor Contact:
Description: Mobile App WordPre

[ more ]  [ reply ]
[SECURITY] [DSA 3794-2] munin regression update 2017-03-02
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3794-2 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Salvatore Bonaccorso
March 02, 2017

[ more ]  [ reply ]
Joomla com_publication Component - 'sid' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_publication component version 3.1 and old version suffers from a remote SQL injection vulnerability.
teste on 3.1 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @

[ more ]  [ reply ]
Joomla com_news Component - 'id' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_news component version 3.1 suffers from a remote SQL injection vulnerability.
teste on 3.x version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@

[ more ]  [ reply ]
Joomla com_filecabinet Component - 'id' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_filecabinet component version 1.6 and old version suffers from a remote SQL injection vulnerability.
teste on 1.6 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@

[ more ]  [ reply ]
Joomla com_frontpage Component - 'Itemid' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_frontpage component version 2.x and old version suffers from a remote SQL injection vulnerability.
teste on 2.0 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@

[ more ]  [ reply ]
Joomla com_phocadownload Component - 'id' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_phocadownload component version 1.x and old version suffers from a remote SQL injection vulnerability.
teste on 1.8 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
#

[ more ]  [ reply ]
[SECURITY] [DSA 3798-1] tnef security update 2017-03-01
Sebastien Delafond (seb debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-3798-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Sebastien Delafond
March 01, 2017

[ more ]  [ reply ]
Joomla com_jdownloads Component - 'cid' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_jdownloads component version 1.x and old version suffers from a remote SQL injection vulnerability.
teste on 1.5 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@

[ more ]  [ reply ]
Joomla com_webgrouper Component - 'Itemid' Parameter Sql Injection Vulnerability 2017-03-01
iedb team gmail com
Joomla com_webgrouper component version 1.6 and 1.7 and old version suffers from a remote SQL injection vulnerability.
teste on 1.6 version
Amir - IrIsT.Ir - Iedb.Ir - Xssed.Ir
Tnks

#################################

#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@

[ more ]  [ reply ]
Stored Cross-Site Scripting vulnerability in Contact Form WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Stored Cross-Site Scripting vulnerability in Contact Form WordPress
Plugin
------------------------------------------------------------------------

Julien Rentrop, July 2016

----------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery & Cross-Site Scripting in Contact Form
Manager WordPress Plugin
------------------------------------------------------------------------

Edwin Molenaar, July 2016

------------------------------------

[ more ]  [ reply ]
Stored Cross-Site Scripting vulnerability in User Login Log WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Stored Cross-Site Scripting vulnerability in User Login Log WordPress
Plugin
------------------------------------------------------------------------

Axel Koolhaas, July 2016

---------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting in Magic Fields 1 WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting in Magic Fields 1 WordPress Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

------------------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in Atahualpa WordPress Theme 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in Atahualpa WordPress Theme
------------------------------------------------------------------------

Spyros Gasteratos, July 2016

--------------------------------------------------------------------

[ more ]  [ reply ]
Gwolle Guestbook mass action vulnerable for Cross-Site Request Forgery 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Gwolle Guestbook mass action vulnerable for Cross-Site Request Forgery
------------------------------------------------------------------------

Radjnies Bhansingh, July 2016

----------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in WordPress Download Manager Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in WordPress Download Manager Plugin
------------------------------------------------------------------------

Burak Kelebek, July 2016

----------------------------------------------------------------

[ more ]  [ reply ]
Persistent Cross-Site Scripting in the WordPress NewStatPress plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Persistent Cross-Site Scripting in the WordPress NewStatPress plugin
------------------------------------------------------------------------

Han Sahin, July 2016

---------------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Scripting vulnerability in Gwolle Guestbook WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Scripting vulnerability in Gwolle Guestbook WordPress Plugin
------------------------------------------------------------------------

Radjnies Bhansingh, July 2016

---------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in Global Content Blocks WordPress Plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in Global Content Blocks WordPress Plugin
------------------------------------------------------------------------

Yorick Koster, July 2016

-----------------------------------------------------------

[ more ]  [ reply ]
Cross-Site Request Forgery in File Manager WordPress plugin 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Cross-Site Request Forgery in File Manager WordPress plugin
------------------------------------------------------------------------

David Vaartjes, July 2016

-------------------------------------------------------------------

[ more ]  [ reply ]
Admin Custom Login WordPress plugin custom login page affected by persistent Cross-Site Scripting 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Admin Custom Login WordPress plugin custom login page affected by
persistent Cross-Site Scripting
------------------------------------------------------------------------

Burak Kelebek, July 2016

------------------------------

[ more ]  [ reply ]
Admin Custom Login WordPress plugin affected by persistent Cross-Site Scripting via Logo URL field 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Admin Custom Login WordPress plugin affected by persistent Cross-Site
Scripting via Logo URL field
------------------------------------------------------------------------

Burak Kelebek, July 2016

-----------------------------

[ more ]  [ reply ]
Analytics Stats Counter Statistics WordPress Plugin unauthenticated PHP Object injection vulnerability 2017-03-01
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Analytics Stats Counter Statistics WordPress Plugin unauthenticated PHP
Object injection vulnerability
------------------------------------------------------------------------

Yorick Koster, June 2016

-------------------------

[ more ]  [ reply ]
Multiple persistent Cross-Site Scripting vulnerabilities in osTicket 2017-02-28
Securify B.V. (lists securify nl)
------------------------------------------------------------------------

Multiple persistent Cross-Site Scripting vulnerabilities in osTicket
------------------------------------------------------------------------

Han Sahin, July 2016

---------------------------------------------------------------

[ more ]  [ reply ]
(Page 6 of 1713)  < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus